You can quickly see how the Verification API works by sending yourself a Phone Call verification request.
Before you can get started, you need the following already set up:
- Set all Verification API configuration settings
- PHP 8.1 or later. Additionally, ensure the
fileinfo
extension is enabled in thephp.ini
file.
Create a new file named initiate-verification.php and paste the provided "initiate-verification.php" code into the file.
<?php
declare(strict_types=1);
const URL = "https://verificationapi-v1.sinch.com/verification/v1/verifications";
const METHOD = "POST";
/*
The key from one of your Verification Apps, found here https://dashboard.sinch.com/verification/apps
*/
$applicationKey = "<REPLACE_WITH_VERIF_APP_KEY>";
/*
The secret from the Verification App that uses the key above, found here https://dashboard.sinch.com/verification/apps
*/
$applicationSecret = "<REPLACE_WITH_VERIF_APP_SECRET>";
/*
The number that will receive the Phone Call. Test accounts are limited to verified numbers.
The number must be in E.164 Format, e.g. Netherlands 0639111222 -> +31639111222
*/
$toNumber = "<REPLACE_WITH_TO_NUMBER>";
$calloutVerificationPayload = [
"identity" => [
"type" => "number",
"endpoint" => $toNumber
],
"method" => "callout"
];
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_HTTPHEADER => [
"Content-Type: application/json",
"Authorization: Basic " . base64_encode($applicationKey . ":" . $applicationSecret)
],
CURLOPT_POSTFIELDS => json_encode($calloutVerificationPayload),
CURLOPT_URL => URL,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_CUSTOMREQUEST => METHOD,
]);
$response = curl_exec($curl);
$error = curl_error($curl);
$statusCode = curl_getinfo($curl, CURLINFO_HTTP_CODE);
curl_close($curl);
if ($error) {
echo "cURL Error #:" . $error . "\n";
} else {
echo $response . "\n";
echo $statusCode . "\n";
}
This tutorial uses basic authentication for testing purposes. We recommend using a signed request for authentication in a production environment. You can follow the steps in this guide, but use the code samples from here to use request signing authentication instead.
This code makes a POST request to the Verification API /verifications endpoint which sends a Phone Call verification request out to the toNumber
parameter in the body of the request.
Before you can run the code, you need to update some values so you can connect to your Sinch account. Update the following parameters with your own values:
Parameter | Your value |
---|---|
applicationKey | The application key found on your Sinch dashboard. |
applicationSecret | The application secret found on your Sinch dashboard. |
toNumber | This should be the number of the mobile handset you are using for this guide. |
When your account is in trial mode, you can only message your verified numbers. If you want to send a message to any number, you need to upgrade your account!
Save the file.
Now you can execute the code and initiate your verification request. Run the following command:
php initiate-verification.php
You should receive a phone call to your mobile handset with a text-to-speech message with your verification code. In a production scenario, this is the code that a user would enter into your app to verify their account.
If after running your app you receive a 5000 error response, you may have forgotten to save your file after adding your authentication values. This is an easy mistake to make! Try saving the file and running the app again.
Now it's time to take the code you just received and use it to verify the identity of the user by reporting the code.